Digi Wi-Point 3G Application Guide
How to Create a VPN between Wi-Point 3G
and Check Point
________________________________________________________________________
5/22/2009 Digi International 1 of 8
Scenario
Digi Wi-Point 3G is used for remote site connectivity. The primary site is using a Check
Point VPN appliance for connectivity. The two networks need to be connected, and the
data needs to be encrypted between them.
Theory of Operation
A remote location needs to be able to build a secure tunnel between the main site and a
remote branch. One location is using a Digi Wi-Point 3G gateway to provide primary
internet connectivity. The other location is using a Check Point VPN appliance for
primary site connectivity. A VPN tunnel will be created to the Digi Wi-Point 3G
gateway, creating a secure connection for data to pass through.
Sample Diagram
Internet Cloud
Wi-Point 3G
WAN IP: 5.6.7.8
LAN IP: 10.4.1.1
Check Point
WAN IP: 1.2.3.4
LAN IP: 172.16.1.1
PCs, PLCs, Servers, Etc.
PCs, PLCs, Servers, Etc.
Carrier Plan and PC / VPN Appliance Requirements
Digi Wi-Point 3G Requirements: Firmware version must be 1.1.34-8 or later. To
download the latest firmware, go to http://www.digi.com/support.
GSM GPRS/EDGE APN Type needed: VPN and GRE end-points usually require static
(persistent) IP addresses and must support mobile terminated data connections. If mobile
termination is not an option with your current APN, you will need to acquire a new one
that does support mobile termination.
CDMA networks may also require special plans to provide static IP addresses and
support mobile terminated data connections.
Check with your wireless provider on the available plan types.
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 2 of 8
Digi Wi-Point 3G Configuration
1. Read and follow the quick-start guide for the Digi Wi-Point 3G.
2. Assign a static IP address to the Ethernet port (the default address is 192.168.1.1).
3. Configure the Digi Wi-Point 3G settings
a. Navigate to Configuration > Network > VPN Settings
b. Click VPN Tunnel Settings
c. Click Add
d. Fill in the appropriate settings below
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 3 of 8
e. Click Apply to save the changes
f. A reboot is required for the settings to take effect. Reboot the unit.
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 4 of 8
Check Point VPN Configuration
1. Configure the Check Point VPN device
a. Log into the Web Interface of the Check Point device.
b. Navigate to VPN on the left hand panel.
c. Click the VPN Sites tab at the top of the page.
d. Click New Site to add the VPN tunnel.
e. Choose the options, shown in the following screenshots, that reflect your
configuration:
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 5 of 8
NOTE: Your version of Check Point firmware may have additional options at this point
in the setup. Newer firmware allows you to specify which type of authentication and
encryption to use for Phase 1 and 2 settings. Older firmware will automatically detect
what authentication and encryption to use.
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 6 of 8
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 7 of 8
f. Click Finish to complete the VPN setup.
Wi-Point 3G Application Guide – Wi-Point 3G to Check Point
5/22/2009 Digi International 8 of 8
ADDITIONAL NOTES
1. This configuration will work with Dynamic IP addresses, using hostnames
established with DynDNS.org. When using a Dynamic IP address, you will need to
set the VPN tunnel to use Aggressive Mode to make the connection work.
2. This configuration will work with other VPN parameters than what is listed in the
screenshots. i.e. – DES, 3DES, AES 192-bit, AES 256-bit, etc.
Where to Get More Information
Refer to the Digi Connect router user documentation and Digi technical support website
at www.digi.com/support for more information. Technical assistance is available at
http://www.digi.com/support/eservice/eservicelogin.jsp.
For sales and product information, please contact Digi International at 952-912-3444 or
refer to the Digi Connect wireless pages at www.digi.com.
-
1
-
2
-
3
-
4
-
5
-
6
-
7
-
8
Ask a question and I''ll find the answer in the document
Finding information in a document is now easier with AI
Related papers
-
Digi Wi-Point 3G User guide
-
Digi ConnectPort X4 ZNet 2.5 2G GSM Intl User guide
-
-
-
Digi Connect WAN GSM-R User guide
-
-
-
Digi Wi-Point 3G User guide
-
-